Giving Patients Control in Image Sharing

June 6, 2012

David Mendelson, MD, of Mount Sinai Hospital shares his experiences with the RSNA Image Share project, which gives patients primary control over their images.

Using CDs to transfer diagnostic images between physicians can be tricky. Discs can be encrypted and one facility’s PACS might be unable to communicate with another’s. Many vendors offer solutions to this problem, but none give patients overall control of their images. RSNA Image Share is a new image sharing pilot project that gives patients primary ownership over these studies and allows them to distribute them as they see fit.

Diagnostic Imaging spoke with David Mendelson, MD, radiology professor at New York’s Mount Sinai Hospital, who has been involved with the RSNA Image Share project, about how this software gives patients greater access to and control over their diagnostic images. Mendelson will be discussing experiences and advantages of image sharing at SIIM 2012 this week in Orlando.

What makes RSNA Image Share different from other image sharing software?

There are two things that dominate that answer. One is that our Image Share is based on the concept of personal health records and patient control. Most other personal health records around right now are either within an enterprise or an extended enterprise, such as health care centers with 10 hospitals that are geographically disparate and each have their own different PACS. Those places have gone out and contracted with vendors who sell services that exchange images between PACS within a system, and they usually do so with propriety mechanisms.

The other services out there are really just getting off the ground, and they’re designed to share images from doctor-to-doctor between disparate enterprises if a doctor creates an account with the company. Those vendors say anyone who has an account under their rules can exchange images.

A third route is closer to what where we’re doing. They’re health information exchanges based on statewide geographies. Very few offer image exchange guides based on standards, but some do. Most exchange mechanisms that are enterprise-to-enterprise or doctor-to-doctor keep the patient out of the loop. Usually, they give patients a CD with their images, and the patient carries it wherever they need to go. In principle, this works because patients are the most interested parties, but there is a weakness in generating the CD and applying certain standards to it. There are a lot of places where security can break down.

What we’ve done is take this last model and tried to maintain patient control while making it easier to use. We designed a system that lets us send images into the cloud through the patient health record, and the patient can access and distribute them as they wish.

What has been Mount Sinai’s experience with the Image Share Project so far?

So far, we have 1,000 patients involved at four institutions. We are speaking to 23 other facilities. We’re trying to make the technology on the personal health record end look like other things on the Internet while maintaining a strict level of security and confidentiality. After all, this is a HIPAA-based world. We’ve tried to make it look like banking or shopping online. We think we’ve been successful in providing this experience even though added security is necessary and the fact that this isn’t something that patients do in a normal day.

It still is probably a little harder to use than we would like it to be. And, there’s a drop-off. For every patient who signs up, we’re sure that not every one of them will use the personal health record. We don’t have final data on that right now, but we do know that a good number of our patients have become zealots about using their personal health records. They’ve thanked us and asked us where this type of capability has been.

Use is, of course, highest among those who have a true, current medical need, such as those who have cancer and must visit multiple locations with many doctors. They actively embrace this and really like it. We have a help desk and a variety of ways to nurture patients through using it. It’s really designed to be consumer-friendly with constraints. Admittedly, it has presented challenges to our older patients who aren’t as comfortable as our 30-something patients are with engaging online.

How has the security of the images worked? Has it needed tweaking at all?

It really is made to be like online banking. When you come here and are asked to set up a personal health record, we give you an eight-digit random code, much like the 16 digits on your bank card. You’re asked to set up a password. Like the person setting up your ATM account who doesn’t see what you type in, we do the same thing.

We determined, however, that our security system didn’t need 16 digits. We went through the steps of what it would take to crack our system, and we determined that it is very secure with an eight-digit code. Patients take this data home, use it to initialize their account with the personal health record service, and then move their images into that account. From that point on, the numbers we’ve given the patient have no value. From there on out, the account works just like Amazon.

What lessons are there for other hospitals considering making this move?

It’s important for institutions to remember as they bring this type of personal health record capability online to keep it as secure and easy-to-use as possible. The first four sites have been academic medical centers, and we’ve had the added step of having to get HIPAA consent from patients because this was initially designed as a research project. The institutional review board form can discourage patients from participating. So, we’re making a point of telling the many community practices that we’re now working with that they don’t need to enter the research piece. It will make things easier.

From this experience, what can you point to as being the advantages of using an image sharing program?

The notion of patient control. Our patients are quickly becoming educated consumers in a variety of ways. The person most interested in any piece of medical data is always the patient. By putting the images in the patient’s hands and making them accessible via the Internet, the patient has a way to facilitate his or her own care.

With a personal health record account, they can walk into a doctor’s office, log on, and show their images on the fly. They can also email links to doctors either during a visit or in advance of an appointment by authenticating the doctor to have time-limited access to the images. It’s an easy way to give patients ownership and distribution rights over their images. It won’t work for everyone, but a large part of the population is Internet savvy. They share music, videos, pictures, and do their banking online. This will easily be just one more thing for them.

What is the message you want institutions to take-away about image sharing?

The CD was the initial step at making radiology data exchange possible. But, it has a set of problems well known to physicians. I think the Internet is the optimal replacement for using CDs to move images around. It’s all about making things easier for the patient, the radiologist, and the clinical physician who uses the images. The intent is efficiency and driving down cost.